Monthly Archives: July 2014

Just a couple of useful links when considering using Active Directory Certificate Services (ADCS) https://www.youtube.com/watch?v=u3e6RkpiBtw http://kazmierczak.eu/itblog/2012/08/22/the-dos-and-donts-of-pki-microsoft-adcs/ Just use the Microsoft OIDs if your not expecting to use your certs outside of your organisationContinue reading…

Good timing for me, bad timing for those that already have 2012 R2 DCs in their domain. Event ID: 4 The Kerberos client received a KRB_AP_ERR_MODIFIED There is a bug in Kerberos When a Windows 2012 R2 DC is promoted in an environment where Windows 2003 DCs are present, there is a mismatch in the […]Continue reading…

In my case I am migrating two 2003 DHCP Servers (that are also DCs) with split scopes over to two 2012 R2 DHCP Servers that are load balanced Before you Migrate Windows Server 2012 R2 DHCP Expired Leases Not Getting Scavenged worth following suggestions to potentially avoid the issue Migration Steps to follow for migrating DHCP Server […]Continue reading…

Steps to follow for Migrating Active Directory Federation Services Role Service to Windows Server 2012 R2 In my case I did not have an existing ADFS. Please comment if you have any thing to add from your experience Continue reading…

Microsoft Guide to follow for migrating Active Directory Certificate Services from 2003 and higher to 2012 R2 In my case I did not have an existing PKI Infrastructure. Please comment if you have any thing to add from your experianceContinue reading…

Overview The following is a checklist I am compiling as I go through an upgrade of a Single Forest/Single domain AD environment. To give you an idea of scale: 4,500 clients, 500 servers and 5 AD Sites My upgrade is in 4 steps: Upgrade schema Test new 2012 R2 DCs Replace all 2003 DCs Upgrade functional Level […]Continue reading…

A simple little command “c:\temp\FilesIn” is the location of the files to process “c:\temp\FilesOut\” is the location of the files created with the first 4 lines removed if you want to remove just 1 line replace the code with -Skip 1 Copy and paste the following line into a powershell command prompt (watch for the word […]Continue reading…

I was at a unrelated training course and just happened to mention to the tutor about having just moved from E1000 to Netflex 3 adapters due to dropped packet issues. He said “You know about the dropped packet issues in netfex 3 don’t you? Err no? “You know about the dropped packet issues in your […]Continue reading…

Really, if you are going to migrate off 2003 to a newer Microsoft platform , bypass 2008 , 2008 R2 , 2012 and go straight for 2012 R2. The Time you are going to invest in the migration, you may as well go directly to the stable product that is 2012 R2 Virtualisation Support […]Continue reading…

Roaming profiles are great! Well they are until, you start using shared or generic accounts and the users long on times slow right down. Be very very very wary of using roaming profiles. Particularly if you use “generic or shared accounts” (an account logged in by more than one physical person at the same time) […]Continue reading…